Posting a solution to this issue just in case it helps others with the same
issue. The problem was solved by setting the socket to be non-blocking and
then looping when the error is "SSL wants a read first". I try limit the
number of loops to 10 before I give up. It takes 2 times in the loop
before the handshake is successful. Not sure why this is necessary on
Solaris, but not on Windows though. This code works on both platforms.
# force non-blocking mode to agents.
$sock->blocking(0);
IO::Socket::SSL->start_SSL($sock,
'SSL_version' => $ssl_ver,
'SSL_cipher_list' => $ssl_cipher_list,
'SSL_verify_mode' => hex $ssl_verify_mode,
'SSL_use_cert' => $use_cert,
'SSL_key_file' => $key_location,
'SSL_passwd_cb' => sub{return $key_pass},
'SSL_cert_file' => $cert_location,
'SSL_ca_file' => $ca_location,
'Timeout' => 30,
'SSL_startHandshake' => 0
) || die "Encountered an SSL handshake problem:
".IO::Socket::SSL::errstr();
my $attempts = 0;
my $MAX_ATTEMPTS = 10;
while ( 1 ) {
$sock->connect_SSL && last;
$attempts++;
if ($attempts == $MAX_ATTEMPTS) {
last;
}
if ( $sock->errstr() =~ /SSL wants a read first/ ) {
IO::Select->new($sock)->can_read(30) && next; #
retry if can read
} elsif ( $sock->errstr() =~ /SSL wants a write first/
) {
IO::Select->new($sock)->can_write(30) && next;
# retry if can write
}
last;
}
--
View this message in context:
http://www.nabble.com/SSL_ERROR_SYSCALL%2C-errlist%3A-No-such-file-or-directory-tp20329506p20389663.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
